zsxq-note
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected in the analyzed files. The behavior aligns with the stated purpose of managing notes via a local CLI tool.
- [COMMAND_EXECUTION]: The skill relies on the
zsxq-clicommand-line utility to interact with the Knowledge Planet API, as documented in the metadata and instruction files. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface when fetching and displaying note lists from an external platform.
- Ingestion points:
zsxq-cli note +listcommand output inreferences/zsxq-note-list.mdwhich reads note content from Knowledge Planet. - Boundary markers: Absent. The skill does not currently use specific delimiters to wrap external note content.
- Capability inventory: CLI execution of
zsxq-cliinreferences/zsxq-note-create.mdandreferences/zsxq-note-list.md. - Sanitization: Absent. The instructions do not specify sanitization or escaping of the fetched text before processing.
Audit Metadata